14 DAY TRIAL // The Twitter accounts of numerous people, including members of the infosec community, have been compromised and abused in a diet spam campaign.
According to Malwarebytes, the spammers are using the hijacked accounts to send out direct messages. Since, in many cases, Twitter has banned users from sending links in DMs, the spammers are sending out links to tweets posted on spammy profiles or other compromised accounts.
The tweets don’t contain any text, only a link to a diet scam site. Many users will probably click on the links out of curiosity, particularly if the messages come from one of their friends.
For advice on how to protect your Twitter account, check out Malwarebytes’ blog. Some important recommendations can also be found on Twitter’s “Keeping your account secure” page.